Often times, we receive questions about why the gotomyerp platform requires the antiquated Microsoft browser, Internet Explorer 11. In this FAQ we will address all the common questions related to that, and what alternatives you have to address it, if it is a very serious issue for your company.
MAY 2022 Update:
As of May 2022, gotomyerp now has a proprietary app, called the AppDashboard. This is an app that gotomyerp has developed to remove all browser dependencies, and at the same time bring the hosted application access, and FileBridge access under one roof. While browser-based access via Internet Explorer (Microsoft Edge) will still work, the AppDashboard will be only officially supported access method. Get Started with the AppDashboard
gotomyerp's stance on security
Before addressing the Internet Explorer question, we want to make it clear: gotomyerp holds security at a very high standard. our SOC Type I and II certifications attest to that.
Remote Desktop RemoteApp, is a Microsoft product, and as such, has certain requirements determined directly by Microsoft.
As newer versions of RDS have become available in Server 2016, and 2019, Microsoft did introduce a new method of connectivity called the RemoteApp WebClient. more on this in the FAQ below.
We will always do our best to recommend solutions that remain secure, yet balance usability with security. Further, we are always working on bringing in to mainstream, other methods that may be available from Microsoft.
Some information in the FAQ are geared toward IT Professionals. Those sections will be highlighted in green below, and can be skipped by non-tech savvy users.
Frequently Asked Questions
Why Internet Explorer 11?
Even though other browsers like Chrome, Firefox or Edge will work with the gotomyerp service. They tend to be cumbersome for the average user. The reason being is that they are all missing a crucial component which only, and unfortunately, exists in Internet Explorer 11. This component allows Internet Explorer 11 to pass through a user's credential from the main gotomyerp application portal, and through to launch the actual hosted application. (i.e: Sage 100, 300, Quickbooks, etc...)
The component in question is an ActiveX add-on for Internet Explorer, it is called: MsRdpClientShell class. This add-on does not actually show up any more in the Internet Explorer 11 "Manage Add-Ons" screen, and the underlying used dll previously named as MsRdpShellClass.dll has now been named as MsRdpWebAccess.dll
Isn't Internet Explorer 11 Insecure?
In the grand scheme of things, we do agree with everyone that other browsers are certainly more modern and, perhaps even more secure than Internet Explorer 11. With that said, the single-signon (SSO) experience that Microsoft provides is still only supported via Internet Explorer 11. We are always on the lookout for Microsoft's modernizing of the platform, and looking to implement those methods as well.
There is one very important point to clarify: The fact that you are logged in to the application portal through Internet Explorer 11, does not by any means indicate that you are also logging in to your application insecurely. We use Microsoft's Best Practices for implementing Remote Desktop Services and RemoteApp. Once the application is launched, it is in fact launching through a Secure Gateway, protected with the latest encryption technologies, and up to par with the latest security standards. You even have the option to add 2 Factor Authentication to your apps for increased security.
But I want to use another browser!
It is possible to use other browsers, but those methods are not officially supported by gotomyerp. However, going to the application portal, via another browser, will in fact work, but will also remove the single-sign-on process. What this means is that if the user is logged in via Google Chrome, and they log in to the application portal, clicking on their hosted app icon (i.e: Sage 100, Quickbooks, etc..) will require 2 additional steps before the application launch is complete:
- The browser will download an .RDP file (Usually to the user's "Downloads" folder, unless otherwise specified.)
- The user will need to launch that RDP file, and type in their credentials one more time to complete the sign-in.
This is possible, but as described above, it is less than ideal and cumbersome.
Are there any other ways to login?
Certainly. We will list them here, and their respective caveats. Those methods are already enabled for all but a few customers who are still on pre 2016 Operating Systems. However, at this time, gotomyerp's officially supported method is still Internet Explorer 11.
Method 1: Using the RemoteApp WebClient
This method is Microsoft's newest method to login to RemoteApp.
The URL needed is the same one launched with Internet Explorer, with the added /RDWeb/WebClient
- This method can be used with any modern browser, including mobile devices.
- It uses new HTML5 technology.
- It runs entirely inside the browser, and can be maximize to a full screen
- Basic functions like printing are available. (with caveats, see disadvantages)
- Generally is not yet very refined.
- Does not have multi-monitor support
- Does not support advanced device redirection (like COM Ports, USB)
- Supports only basic printing: PC supported, Mac is not yet supported.
- Third-party printing tools like TSPrint, are advanced printing solutions which typically facilities tasks like label printing, or printing to non-standard paper sizes, etc... do not work in the HTML5 interface.
- Managing the user's account (i.e: password reset/forgot password, etc...) would have to be accessed using a different URL, which could confuse the users.
Method 2: Using "RemoteApp and Desktop Connections"
- Setting up connectivity using this method will load the published resources into the user's Start Menu, and can be launched similarly to a local application. (The username and password will still be required the first time the user attempts to connect to their app
- It supports all the features that the Internet Explorer 11 published app supports, including the support for 3rd party enhancement tools, like advanced printing, port redirection, and USB Redirection software
For customers with Active Directory domains, this method can be setup and the connection can be pushed to the users using Group Policy. Note: gotomyerp can provide the necessary URLs for connectivity. Example: The Connection URL for such a connection would look similar to the following: https://demo2.gotomyerp.com/RDWeb/feed/webfeed.aspx
Assistance with setting this type of connection with Group Policy on a customer's domain is priced separately.
- It can cause problems when the user makes a copy of the Start Menu shortcuts and places them in different locations on their computer (i.e: their Desktop). If remote resource configurations change, they would not update, and would invalidate the user's shortcuts.
- Managing the user's account (i.e: password reset/forgot password,
etc...) would have to be accessed using a different URL, which could
confuse the users.
- This method is not as straight forward to setup for the novice user, and would require more hand-holding from the IT department.
Can I use the methods above?
You can use the above methods, as long as you have the internal resources (IT Staff) to support your users in case of required troubleshooting